<?php
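// Administrator-only customer overview: lists rows of `klanten`, optionally
// filtered by one of four search forms that post back to klanten.php.
//
// Security notes for maintainers:
//  - Every request value that reaches SQL is either cast to an integer or
//    passed through mysql_real_escape_string(); the original concatenated
//    $_POST['q'] straight into the statement.
//  - Every database value written into HTML goes through htmlspecialchars(),
//    because customer-supplied fields (username, e-mail, names) are rendered
//    in an administrator's browser.
//  - NOTE(review): ext/mysql was removed in PHP 7. Moving to mysqli or PDO
//    prepared statements is the durable fix, but $server is presumably the
//    ext/mysql link opened by header.php, so that change has to start there.

//include Header
$path = $_SERVER['DOCUMENT_ROOT'];
include("$path/header.php");


if(isset($_SESSION['sessionid'])){
	// The customer number is only ever compared numerically, so force it to
	// an integer before it is placed in the statement.
	$klantnummer = isset($_SESSION['klantnummer']) ? (int) $_SESSION['klantnummer'] : 0;
	$result = mysql_query("select beheerder from klanten where klantnummer = " . $klantnummer . ";",$server);
	$beheerder = 0;
	// mysql_query() returns false on failure; treat that as "not an administrator".
	if($result !== false){
		while($row = mysql_fetch_array($result)){
			$beheerder = $row['beheerder'];
		}
	}
	if($beheerder == 1){
		// Accept only plain string parameters; array-valued input (q[]=...) is ignored.
		$q = (isset($_POST['q']) && is_string($_POST['q'])) ? $_POST['q'] : null;
		$qt = (isset($_POST['qt']) && is_string($_POST['qt'])) ? (int) $_POST['qt'] : 0;

		echo "
		<center>
			<table border=\"0\" width = \"80%\">
				<tr>
					<td>
						<form name=\"klantnummer\" action=\"klanten.php\" method=\"post\">
							<input type=\"text\" name=\"q\" value=\"klantnummer\" onfocus=\"if(this.value == this.defaultValue) this.value = ''\" />
							<input type=\"hidden\" name=\"qt\" value=\"1\" />
							<input type=\"submit\" value=\"Zoek\">
						</form>
					</td>
					<td>
						<form name=\"username\" action=\"klanten.php\" method=\"post\">
							<input type=\"text\" name=\"q\" value=\"username\" onfocus=\"if(this.value == this.defaultValue) this.value = ''\" />
							<input type=\"hidden\" name=\"qt\" value=\"2\" />
							<input type=\"submit\" value=\"Zoek\">
						</form>
					</td>
					<td>
						<form name=\"klantnaam\" action=\"klanten.php\" method=\"post\">
							<input type=\"text\" name=\"q\" value=\"klantnaam\" onfocus=\"if(this.value == this.defaultValue) this.value = ''\" />
							<input type=\"hidden\" name=\"qt\" value=\"3\" />
							<input type=\"submit\" value=\"Zoek\">
						</form>
					</td>
					<td>
						<form name=\"klantemail\" action=\"klanten.php\" method=\"post\">
							<input type=\"text\" name=\"q\" value=\"email\" onfocus=\"if(this.value == this.defaultValue) this.value = ''\" />
							<input type=\"hidden\" name=\"qt\" value=\"4\" />
							<input type=\"submit\" value=\"Zoek\">
						</form>
					</td>
				</tr>
			</table>
			";
		$select = "select * from klanten";
		if($q !== null){
			// Escaped for use inside a quoted SQL string literal. LIKE wildcards
			// (% and _) in the search term are still interpreted by MySQL.
			$qEscaped = mysql_real_escape_string($q, $server);
			switch($qt){
				case 1:
					// Numeric column: the integer cast removes anything that is not a number.
					$select = "select * from klanten where klantnummer = " . (int) $q;
					break;
				case 2:
					$select = "select * from klanten where username like '%$qEscaped%'";
					break;
				case 3:
					$select = "select * from klanten where voornaam like '%$qEscaped%' or achternaam like '%$qEscaped%'";
					break;
				case 4:
					$select = "select * from klanten where email like '%$qEscaped%'";
					break;
			}
		}
		$query = mysql_query($select,$server);
		echo "
		<table border=\"0\" id=\"productTable\" width=\"100%\">
			<thead>
				<tr>
					<th>Klantnummer</th>
					<th>Username</th>
					<th>Email</th>
					<th>Voornaam</th>
					<th>Achternaam</th>
					<th>Geslacht</th>
					<th>Nieuwsbrief</th>
					<th>Beheerder</th>
				</tr>
			</thead>
			<tfoot>
				<tr>
				</tr>
			</tfoot>
			<tbody>";
		// A failed query renders an empty table body instead of raising warnings.
		while($query !== false && ($row = mysql_fetch_array($query))){
			// Encode once per row: the customer number for the link target, the
			// remaining columns for HTML text content.
			// NOTE(review): htmlspecialchars() uses PHP's default charset here;
			// confirm it matches the encoding header.php declares for the page.
			$href = "klant.php?kn=" . htmlspecialchars(urlencode($row['klantnummer']), ENT_QUOTES);
			$cellKlantnummer = htmlspecialchars($row['klantnummer'], ENT_QUOTES);
			$cellUsername = htmlspecialchars($row['username'], ENT_QUOTES);
			$cellEmail = htmlspecialchars($row['email'], ENT_QUOTES);
			$cellVoornaam = htmlspecialchars($row['voornaam'], ENT_QUOTES);
			$cellAchternaam = htmlspecialchars($row['achternaam'], ENT_QUOTES);
			$cellGeslacht = htmlspecialchars($row['geslacht'], ENT_QUOTES);
			echo"
				<tr>
					<th>
						<a href=\"" . $href . "\">" . $cellKlantnummer . "</a>
					</th>
					<td>
						<a href=\"" . $href . "\">" . $cellUsername . "</a>
					</td>
					<td>
						<a href=\"" . $href . "\">" . $cellEmail . "</a>
					</td>
					<td>
						<a href=\"" . $href . "\">" . $cellVoornaam . "</a>
					</td>
					<td>
						<a href=\"" . $href . "\">" . $cellAchternaam . "</a>
					</td>
					<th>
						<a href=\"" . $href . "\">" . $cellGeslacht . "</a>
					</th>";
					if($row['nieuwsbrief']){
						echo "<th>Ja</th>";
					} else {
						echo "<td>Nee</td>";
					}
					if($row['beheerder']){
						echo "<th>Ja</th>";
					} else {
						echo "<td>Nee</td>";
					}
					echo "
				</tr>";
		}
		// Close the markup only in the branch that opened it; the original
		// emitted these closing tags for denied and anonymous requests too.
		echo "</tbody></table></center>";
	} else {
		echo "<h1>Onvoldoende rechten</h1>";
	}
} else {
	echo "<h1>Niet ingelogd</h1>";
}

//include footer
include("$path/footer.php");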

?>